Discussion in 'Black Hat SEO' started by Therookie, Mar 30, 2008.
Who uses TOR?
Also what is difference between proxy and TOR?
1) No one with any sense.
2) TOR is a system of proxies.
Tor is The Onion Router network, its much more effective then using simple proxies. What happens is your packets are encrypted and passed through a number of intermediate nodes before they exit the final target node. This makes it much more difficult to track the source without very in depth traffic analysis. We use this heavily for some internal things ( within certain applications ) to gather certain results from various sources and avoid some limitations they impose.
*********** Internet Marketing Solutions Inc.
Many thanks for the GOOD explanation
Apekillape - why do you say 'no one with any sense' would use TOR? As it's been recommended in this forum quite a few times, I'd be interested in your views (and anyone elses). If TOR is not good, what alternatives would you recommend?
WTF?? Tor is fine. It's not great but it serves a purpose.
Skip to the end if you don't want the exhaustive list of reasons against. I wish TOR was useful, I just can't see it being useful for anything that I/we would do.
I can't completely say that TOR is without it's uses, but by the same token I don't see anything it does that another method doesn't do much better. If you're using it to spam torrent sites, it's nearly useless by now on the good ones because everyone else overused it first. If they were really on the ball they could easily code a TOR-detection add-on to their site so it's banned by default.
Anything else where you're rapidly switching IPs over the course of the day has a similar flaw there, I mainly deal with torrent sites so that's the only one I can say for dead-certain has that issue. It's the same fix across the board though, you can just add a script like this one
and call it a day.
The detection issue aside, I don't think there's enough variation or security in TOR, if you're using it for the type of work we're all likely using it for. TOR is built to be used for normal people for general activities, so even though they're not likely to report you outright on the off chance that something happens, they'll definitely give up everything they can find if someone asks. The other possible security problems are still being worked on, if people haven't started privately exploiting them already:
So from that viewpoint, I see TOR as a good way to do something that has no bearing on anything we do. If you need to switch through a couple hundred IPs a day, Socks (and depending on the situation HTTP) proxies are much more useful, provided you're not doing anything that you wouldn't want someone like us to get ahold of. Mass-posting, spamming, that's no big deal even if someone WAS trying to get info from a honeypot-type proxy, as you're just uploading files. Five files uploaded to a random site from a proxy several people (and eventually several hundred when it gets onto a public list) have connected to is about as safe a method as I know of, if anyone else knows a fire-and-forget way to post from 200-300 different IPs in a day that's in no way tied to you, I'd love to hear it. I just advocate this method because it's the best thing I've found so far, and not for lack of trying to improve on it.
If you're not switching too often, you just need to keep your main IP secure, a VPN chain or remote-server setup would be a lot more secure than TOR, if you're really trying to keep your IP and actions completely anonymous and un-monitored. Anything you're doing that you feel you need to have a really secure line for is worth at least getting a (trusted) VPN setup for, as I would think if you're really being careful you wouldn't want to have anything directing people from that machine to you anyway. It's worth a couple of bucks a month to know for stone fact that no one's got access to your machine, and even if they did eventually get as far as one of the remote machines you're chaining, they have no way to find out who owns it.
1) If you need multiple IPs to keep from getting banned (or any other method where you need to blend with regular traffic), TOR is too easily detectable and heavily in use by less-experienced people in your method's area, so it's easier to pick you out even if you're careful. If a bunch of crappy people did it badly already, the opposition already knows what to look for. Socks proxies are better on all fronts for this purpose.
2) For single-IP masking and information protection it would make more sense to be legitimately secure, as TOR is just as open if not more than anything. You might as well do anything but TOR if you're really trying to protect your identity and/or activities. It's like Peerguardian, you feel safer with it but it doesn't actually stop anyone that you're really trying to hide from.
If someone has found a use for it that I didn't think of, I'd definitely like to hear it. TOR is a great idea for... something, I just don't know of anything it'd really be reliable for as a user unless you really don't want to put the effort into something that would do the job better. Conversely, I can think of several good reasons to set up TOR servers from a BlackHat perspective, but they're all the sort of thing we learn here and hope no one does to us, haha.
N - Seriously, if anyone can think of a good reason to use TOR as a proxy and not a thievery tool to screw the people who are using it as a proxy, I'd love to hear it. I just can't think of anything better than what I've got at the moment, and it's aggravating as hell, haha.
Cheers Apekillape - well thought out response and some valid points. As Loclhero says, it serves a purpose. I guess its use for true BH techniques is not one of those tho!
tor nodes don't keep log files of incoming connections i.e fewer risks to be busted. usual proxies do keep connections logs: even with proxy chaining, there are traces of what you do and who did it in the proxies log files.
the bad news is : tor nodes are published so everyone can build a banlist based on the list of the tor nodes (
). freenode network and wikpedia are doing this.
I am new to some off the services, apps and techniques used here. Tor being one of them.
However I did my regular due diligence on it. I think you reply was extremely thorough in more then one area and appreciate the detailed response and explanation. I like when things make sense
All kidding aside - good post. I found it intuitive and helpful.
Separate names with a comma.